Kyle Pillay, Security As A Service Manager, Datacentrix

There is a common misconception today that, with antivirus software and a firewall in place, a business’ data is secured. However, the concept of attack surface management (ASM) goes far beyond this type of toolset. “A compromised attack surface could be likened to having a pedestrian gate in the perimeter wall of your home with no additional safety measures such as locks or cameras,” says Kyle Pillay, Security-as-a-Service Manager for Datacentrix. “The level of security elsewhere will be irrelevant while the gate remains vulnerable. Similarly, threat actors will exploit such vulnerabilities to gain network access and undertake nefarious activities.” To better understand ASM, an organisation needs to consider itself and its employees within a digital context, through the eyes of a cybercriminal.

Threat actors harness common vulnerabilities and exposures (CVEs) to bypass security controls. They are experts in trickery and purposefully mislead their victims to gain access to important credential information, using opensource tools and instigating AI-powered attacks, including sophisticated phishing attempts. This information is then either used by the cybercriminal directly or auctioned off to the highest bidder on the dark web.

Every network connection – whether remote work device, smart printer, cloud service or IoT sensor – is a potential entry point for attackers and they’ll apply various techniques, such as exploiting domain addresses for phishing attempts or taking advantage of susceptible SSL certificates, to do so.

Phishing remains the number one driver for network attacks. While patching and good housekeeping support the professional management of technology information, it is most often the ‘wetware’ – the person between the keyboard and the chair – that is the weakest link. As a result, practical awareness is a critical process that needs to be reinforced regularly across organisations to build a culture of security.

Effective ASM not only provides visibility into the company’s digital footprint and all the network connections, but it enhances protection through steps involving finding, isolating, eradicating, remediating and recovering from cyberthreats across on-premises, cloud and hybrid environments.

Furthermore, governance can turn ASM into a strategic business function that drives resilience and compliance. To be effective, protection measures – be they antivirus solutions, encryption, mobile device management, data loss prevention, VPNs or multi-factor authentication – must meet the highest standards. Zero-Trust measures as well as identity and access management are critical to this process, ensuring that access is restricted, continuously validated, reviewed and updated whenever employees join, change roles or leave the organisation.

“The visible internet is just the tip of the iceberg; beneath it lies the vast dark web, built on hidden protocols and ‘onion ring’ access layers that enable user anonymity and an entire ecosystem of illicit activities,” says Pillay.

“Because the internet doesn’t sleep, security protocols must be in place around the clock,” he adds. “At Datacentrix, our security team operates around the clock, with analysts continuously monitoring logs, proactively hunting threats and tracking dark web activities to identify potential risks before they escalate. This provides clear, actionable insight into any lurking threats and the most effective protection strategies. “Managing an attack surface is nearly impossible without the right expertise to handle log management, environment scanning, credentials management and compliance,” Pillay continues. “It requires expertise and resources that many enterprises simply cannot afford. This is where Datacentrix distinguishes itself. Through our managed services, companies of any size can gain access to the necessary cybersecurity skills set. Our team handles everything – from governance, risk and compliance to penetration testing and more.

Ethical hacking is one method that Datacentrix uses to assess and correct companies’ vulnerabilities. This approach supports the management of external-facing touch points and digital footprints and helps to identify necessary patching. Probing dark web auctions is another preventative measure that provides visibility of any company or employee credentials that may be up for sale. These proactive methodologies, along with the provision of incident and event management tools, as well as the collation and analysis of server and database log information to identify and trace any access attempts, are just a few of the components of Datacentrix’s holistic cybersecurity approach.

Cybersecurity is a business imperative for every organisation, states Pillay. “From the moment systems connect to the internet, controls must protect all data, while allowing operations to run efficiently. And the success of these preventative measures depends on the integration of people, processes and technology to effectively manage the attack surface.

“The internet is always watching and listening,” he notes. “Corporate assets must be treated with the same vigilance as a personal ATM card. Your data is as valuable as your money in the bank.”

Contact Datacentrix to achieve cyber resilience through leading security strategies, end-to-end SOC and cyber security solutions and services, and 24/7 support.

Emergency Ransomware Hotline: 087 741 5001 or cybercrimeline@datacentrix.co.za 

www.datacentrix.co.za